Ransomware isn’t sexy but it’s certainly an important topic in today’s IT security landscape, with unprecedented growth and relentless evolution, organisations need to constantly keep one step ahead of bad actors eager to make a buck by exfiltrating and encrypting your important data.

Ransomware attacks mainly occur because IT is a complex and everchanging environment, organisations are busy modernising their applications from monolithic designs to new highly distributed container-based services. The remote workforce is now connected more than ever, with the ability to access data hosted across multiple cloud providers, connecting from virtually any device, at any hour of the day. IT departments are being asked to do more with less each and every year while ransomware attacks are on the rise and becoming more costly than ever before.

Beyond encryption of data, some ransomware is taking it a step further and making ransom of leaking data, this is otherwise known as data exfiltration. Unfortunately, stopping ransomware prior to an attack is difficult and at best, inconsistent. No single product or service has all the solutions to the challenges raised by these attacks, instead, it’s recommended to take a multi-layered approach. Apply best practices, keep systems up to date, enforce good data hygiene, configure event logging, and identify anomalies (indicators of compromise) to provide the best chance of discovering an attack as early as possible.